<?php
session_start();
$login_post = $_POST["login"];
$password_post = md5($_POST["password"]);
include("connect_DB.php");
$con = mysqli_connect($url, $user, $password, $DB);
mysqli_query($con, 'set names utf8');
mysqli_query($con, 'set character_set_server=utf8');
if ($mysqli = mysqli_prepare($con, "SELECT * FROM user WHERE login=? and password=?")) {
    mysqli_stmt_bind_param($mysqli, "ss", $login_post, $password_post);
    mysqli_stmt_execute($mysqli);
    mysqli_stmt_bind_result($mysqli, $id, $login_p, $password_p, $email, $first_name, $last_name, $user_folder, $space);
    mysqli_stmt_fetch($mysqli);
    $_SESSION['id'] = $id;
    $_SESSION['login'] = $login_p;
    $_SESSION['password'] = $password_p;
    $_SESSION['email'] = $email;
    $_SESSION['first_name'] = $first_name;
    $_SESSION['last_name'] = $last_name;
    if ($login_p != '') {
        header("Location: index.php?isLogin=true");
    } else {
        header("Location: index.php?isLogin=false");
    }
} else {
    if (isset($_SESSION['fail_validation'])) {
        $_SESSION['fail_validation'] += 1;
    }
    echo "Логин или пароль неверный";
    header("Location: index.php?isLogin=false");
}
?>